Privacy Policy

Last updated: January 2026

1. Introduction

1 Sequence Cyber Ltd ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PCI DSS Compliance-as-a-Service platform.

By using our services, you consent to the data practices described in this policy. If you do not agree with the terms of this privacy policy, please do not access the site or use our services.

2. Information We Collect

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, company name, and job title when you register for an account.
  • Payment Information: Billing address and payment card details (processed securely through our PCI-compliant payment processor).
  • Compliance Data: Information related to your PCI DSS compliance status, including scan results, evidence documents, and assessment data.
  • Communications: Records of your communications with us, including support tickets and emails.
  • Usage Data: Information about how you use our platform, including log data, device information, and analytics.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send technical notices, updates, security alerts, and support messages
  • Respond to your comments, questions, and customer service requests
  • Communicate with you about products, services, and events
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and other illegal activities
  • Comply with legal obligations and enforce our terms

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

  • Service Providers: With third-party vendors who perform services on our behalf, subject to confidentiality agreements.
  • QSA Partners: With Qualified Security Assessors assigned to your account for compliance validation purposes.
  • Legal Requirements: When required by law or to respond to legal process.
  • Business Transfers: In connection with any merger, acquisition, or sale of assets.
  • With Your Consent: When you have given us explicit consent to share your information.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection practices
  • SOC 2 Type II certified infrastructure

6. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Compliance-related data may be retained for up to 7 years as required by PCI DSS standards.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access to your personal data
  • Correction of inaccurate or incomplete data
  • Deletion of your personal data
  • Restriction or objection to processing
  • Data portability
  • Withdrawal of consent

To exercise these rights, please contact us at privacy@1sequencecyber.com.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses approved by the European Commission.

9. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@1sequencecyber.com
  • Address: 1 Sequence Cyber Ltd, 71-75 Shelton Street, London, WC2H 9JQ, United Kingdom
  • Phone: +44 20 7946 0958